CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2015-1427

Known Exploited (CISA KEV)CRITICAL
9.8
CVSS Severity Score
EPSS Score27.6450%
EPSS Percentile91.92th
Published2015年2月17日
Last Modified2026年4月22日

Vulnerability Description

The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script.

Affected Platforms (CPE)

📦
Elastic

Elasticsearch

< 1.3.8
📦
Elastic

Elasticsearch

>= 1.4.0 and < 1.4.3
📦
Redhat

Fuse

= 1.0.0

References & Advisories

🔗 http://packetstormsecurity.com/files/130368/Elasticsearch-1.3.7-1.4.2-Sandbox-Escape-Command-Execution.html
🔗 http://packetstormsecurity.com/files/130784/ElasticSearch-Unauthenticated-Remote-Code-Execution.html
🔗 http://www.elasticsearch.com/blog/elasticsearch-1-4-3-1-3-8-released/
🔗 http://www.securityfocus.com/archive/1/534689/100/0/threaded
🔗 http://www.securityfocus.com/bid/72585
🔗 https://access.redhat.com/errata/RHSA-2017:0868
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/100850
🔗 https://www.elastic.co/community/security/

相關漏洞威脅

CVE-2017-126299.8

Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of ...

CVE-2015-53779.8

Elasticsearch before 1.6.1 allows remote attackers to execute arbitrary code via unspecified vectors involving the transport proto...

CVE-2020-150979.1

loklak is an open-source server application which is able to collect messages from various sources, including twitter. The server ...

CVE-2020-70098.8

Elasticsearch versions from 6.7.0 before 6.8.8 and 7.0.0 before 7.6.2 contain a privilege escalation flaw if an attacker is able t...